package com.dongdongshop.shiro;


import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;
import java.util.Map;

@Configuration
public class ShiroConfig {
    //创建shiroFilterFactoryBean
    @Bean
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(){
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        //设置安全管理器
        shiroFilterFactoryBean.setSecurityManager(getDefaultWebSecurityManager());
        //添加shiro内置过滤器
        /*
        * shiro内置过滤器,可以实现权限相关的拦截器
        * 常用的过滤器
        *  anon:无需认证(登录)可以访问
        *  authc:必须认证才可以访问
        *  perms:该资源必须得到权限才可以访问
        *  role:该资源必须得到角色权限才可以访问
        * */
        Map<String,String> fileterMap = new LinkedHashMap<>();
       /* fileterMap.put("/seller/toRegister","anon");
        fileterMap.put("/seller/toAudit","anon");
        fileterMap.put("/seller/register","anon");
        fileterMap.put("/seller/toLogin","anon");
        fileterMap.put("/seller/login","anon");*/
        fileterMap.put("/css/**","anon");
        fileterMap.put("/js/**","anon");
        fileterMap.put("/img/**","anon");
        fileterMap.put("/plugins/**","anon");
        fileterMap.put("/fonts/**","anon");

        //授权过滤器
        //当前授权拦截后,会自动跳转到未授权页面
      /*  fileterMap.put("/user/add","perms[add]");
        fileterMap.put("/user/delete","perms[delete]");*/

        //退出登录
        fileterMap.put("/auth/logout", "logout");
      /*  fileterMap.put("/**","authc");*/

        //修改调整的登录页面
        shiroFilterFactoryBean.setLoginUrl("/toLogin");
        //设置未授权提示页面
        shiroFilterFactoryBean.setUnauthorizedUrl("/auth/toAuth");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(fileterMap);
        return shiroFilterFactoryBean;
    }

    //创建DefaultWebSecurityManager
    @Bean
    public DefaultWebSecurityManager getDefaultWebSecurityManager(){
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        //关联realm
        securityManager.setRealm(getRealm());
        return securityManager;
    }

    //创建realm
    @Bean
    public UserRealm getRealm(){
        UserRealm userRealm = new UserRealm();
        //设置加密方式
        userRealm.setCredentialsMatcher(hashedCredentialsMatcher());
        return  userRealm;
    }

    @Bean
    public HashedCredentialsMatcher hashedCredentialsMatcher(){
        HashedCredentialsMatcher credentialsMatcher = new HashedCredentialsMatcher();
        //指定加密方式
        credentialsMatcher.setHashAlgorithmName("MD5");//散列算法:MD4,MD5,SHA-1,SHA-256,SHA-384,SHA512等;
        //加密次数
        credentialsMatcher.setHashIterations(3);//撒盐次数,
        //此处的设置,true加密用的是hex编码,false用的是base64编码
        credentialsMatcher.setStoredCredentialsHexEncoded(true);
        return credentialsMatcher;
    }
}






























